From 76c52a1cb5385ea94c79b43dd4dd1fe088b30993 Mon Sep 17 00:00:00 2001 From: Sandro Bonazzola Date: Mon, 6 Nov 2006 21:11:59 +0000 Subject: Security fix from upstream, patch from https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=139715. Should fix bug #154218. Re-taking over maintainership. (Portage version: 2.1.2_rc1-r4) (Signed Manifest commit) --- app-arch/rpm/Manifest | 58 +++++++++++-------- app-arch/rpm/files/digest-rpm-4.4.6-r2 | 3 - app-arch/rpm/files/digest-rpm-4.4.7 | 3 - app-arch/rpm/rpm-4.4.6-r2.ebuild | 100 --------------------------------- app-arch/rpm/rpm-4.4.7.ebuild | 100 --------------------------------- 5 files changed, 36 insertions(+), 228 deletions(-) delete mode 100644 app-arch/rpm/files/digest-rpm-4.4.6-r2 delete mode 100644 app-arch/rpm/files/digest-rpm-4.4.7 delete mode 100644 app-arch/rpm/rpm-4.4.6-r2.ebuild delete mode 100644 app-arch/rpm/rpm-4.4.7.ebuild diff --git a/app-arch/rpm/Manifest b/app-arch/rpm/Manifest index 29752f688c2c..ec83dc4da22b 100644 --- a/app-arch/rpm/Manifest +++ b/app-arch/rpm/Manifest @@ -1,7 +1,14 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA1 + AUX rpm-4.4.6-autotools.patch 660 RMD160 63155d3737ffdf9927b1763ddf068c5964e168c9 SHA1 70dd2346df0e5d95ec4a06587485381b48d52b81 SHA256 dd4828899e760358b702d0c2ca75e781619f7b65140cf2cc5600ea687a085569 MD5 3393c6bd76f8f86a8266a4fd3c6ef1c5 files/rpm-4.4.6-autotools.patch 660 RMD160 63155d3737ffdf9927b1763ddf068c5964e168c9 files/rpm-4.4.6-autotools.patch 660 SHA256 dd4828899e760358b702d0c2ca75e781619f7b65140cf2cc5600ea687a085569 files/rpm-4.4.6-autotools.patch 660 +AUX rpm-4.4.6-buffer-overflow.patch 1952 RMD160 468c71731ec6893de165b4e1047f85f5b240f2f7 SHA1 dc41417f4064eb9476de9ef51e616042e55e5f73 SHA256 6ae715632dabd6cc6c24a92312ac22c1bd57235ff2f027f68943df68dcfc957b +MD5 f0f2c037211b85a8f725d4c51f65c622 files/rpm-4.4.6-buffer-overflow.patch 1952 +RMD160 468c71731ec6893de165b4e1047f85f5b240f2f7 files/rpm-4.4.6-buffer-overflow.patch 1952 +SHA256 6ae715632dabd6cc6c24a92312ac22c1bd57235ff2f027f68943df68dcfc957b files/rpm-4.4.6-buffer-overflow.patch 1952 AUX rpm-4.4.6-stupidness.patch 4992 RMD160 d8f0e831599a72e6224e19a568fffadd999ebc4a SHA1 317f19c9f181ca2cd40d832536c458884bb5b279 SHA256 84af6ddab50982e15df90d2c7895ecd0f0b568caa6cd0af57ce33e1af784b4a7 MD5 ba3ebde8f6d04c144f7d42f4eaba3dcf files/rpm-4.4.6-stupidness.patch 4992 RMD160 d8f0e831599a72e6224e19a568fffadd999ebc4a files/rpm-4.4.6-stupidness.patch 4992 @@ -16,25 +23,32 @@ RMD160 631f1bf3dc4553e27dec4a901fa84e17ffc7c7c9 files/rpm-4.4.7-stupidness.patch SHA256 e563657e648e9b5ecfc0a653d7515f93db7785ec6867c81591663213965c0850 files/rpm-4.4.7-stupidness.patch 5268 DIST rpm-4.4.6.tar.gz 17157249 RMD160 6b433d20a63fb2542244ae62eff0a8b5fe290439 SHA1 33221f95189671d1a083b4f140bcf9a88ecd4374 SHA256 1e1da50af2b9dfe34c79315eae7520e7e57087671e17ce26107d779ae2b0b595 DIST rpm-4.4.7.tar.gz 14125623 RMD160 9002eb0fe1d680d8bff447d6918f9726c9a4e34c SHA1 b119fb0f10fd5e2eb330ba547b6a89e40f3c0e68 SHA256 18fde4195e4ac21a4290327336948f8c4fc58a680395edbb5f2f31bae67b18b5 -EBUILD rpm-4.4.6-r2.ebuild 2720 RMD160 3b4813d058bd421c83bd0e31a8f4b759ff6ddea2 SHA1 1014e7f69dd9fe44b1217cd9d4bdd3f32a5bd965 SHA256 ad074da2ecb96eca1dd95eccc92c588608f25cf7d86b6e9285d4ab6947dc919d -MD5 d61e91432dc8d59bd6e422e9943e8d32 rpm-4.4.6-r2.ebuild 2720 -RMD160 3b4813d058bd421c83bd0e31a8f4b759ff6ddea2 rpm-4.4.6-r2.ebuild 2720 -SHA256 ad074da2ecb96eca1dd95eccc92c588608f25cf7d86b6e9285d4ab6947dc919d rpm-4.4.6-r2.ebuild 2720 -EBUILD rpm-4.4.7.ebuild 2736 RMD160 82f3ef9944c3d9d0cc25b0b8a6f39d7d52c6b5a4 SHA1 1cf8ca69261bc1a761be6c9182215d91a6049e4b SHA256 0d4ee138a4ca3c627bb7799e33048aad4a1a6e0cdad11f6d486e455d93139140 -MD5 9114e3ae21c62fdf1f05b863f95ce049 rpm-4.4.7.ebuild 2736 -RMD160 82f3ef9944c3d9d0cc25b0b8a6f39d7d52c6b5a4 rpm-4.4.7.ebuild 2736 -SHA256 0d4ee138a4ca3c627bb7799e33048aad4a1a6e0cdad11f6d486e455d93139140 rpm-4.4.7.ebuild 2736 -MISC ChangeLog 10795 RMD160 2329e6057c46ca1d7c7df58dbc153f02caddc680 SHA1 edc6178d45c98966ef98127862a5ca18a2bc1297 SHA256 d9c3bd4702fa77ccfd76fe8b809fd3b02a645c6a72ac50f7f983c8e26f415595 -MD5 de9b93b80fc664fbc1b90f6aea126bb1 ChangeLog 10795 -RMD160 2329e6057c46ca1d7c7df58dbc153f02caddc680 ChangeLog 10795 -SHA256 d9c3bd4702fa77ccfd76fe8b809fd3b02a645c6a72ac50f7f983c8e26f415595 ChangeLog 10795 -MISC metadata.xml 208 RMD160 39ad337f8685418f5b45c34201a8113582d9bb9a SHA1 6727bbe0e4b51c24f9db722829192b0aa4739acd SHA256 c2fcafd5aa8691af1de56b378a262dd500381a6835757995789be3ccc2d86909 -MD5 22e0b5466a2c9ac8f39bee36d2a28dff metadata.xml 208 -RMD160 39ad337f8685418f5b45c34201a8113582d9bb9a metadata.xml 208 -SHA256 c2fcafd5aa8691af1de56b378a262dd500381a6835757995789be3ccc2d86909 metadata.xml 208 -MD5 5ee2f2cd59d279b728247d54548a3529 files/digest-rpm-4.4.6-r2 235 -RMD160 cb1beebaaafaa9024dca4713846df4da6877e723 files/digest-rpm-4.4.6-r2 235 -SHA256 1a9d97d24a7c07cfd808a471e9fd22ced0813b41a109f6716b1d216fc828ecce files/digest-rpm-4.4.6-r2 235 -MD5 1bb4771bd008ae0ecf2541173a600056 files/digest-rpm-4.4.7 235 -RMD160 5738523442bad1419926794367ffc30a16b59140 files/digest-rpm-4.4.7 235 -SHA256 1bf6cb96963acf3da6ad4a4b2e8166f0b426c0e396cdfe4428b2386d1fcad697 files/digest-rpm-4.4.7 235 +EBUILD rpm-4.4.6-r3.ebuild 2775 RMD160 4f5c139299f125900ff56da72e806b789094b361 SHA1 2421c3afeeb2b41825ce1e7aa9f42b31ff649a2d SHA256 fef54145ba4404f3d90d1dc587f563b0305e14bc5f822434e6df07a166c8674e +MD5 9d90b8e68cea479b87a0b1f2802fc5ed rpm-4.4.6-r3.ebuild 2775 +RMD160 4f5c139299f125900ff56da72e806b789094b361 rpm-4.4.6-r3.ebuild 2775 +SHA256 fef54145ba4404f3d90d1dc587f563b0305e14bc5f822434e6df07a166c8674e rpm-4.4.6-r3.ebuild 2775 +EBUILD rpm-4.4.7-r1.ebuild 2794 RMD160 25e8dbf913b1a13eb75696753982238358151535 SHA1 4863aa864215470eea2c502e17fd64b1d975e944 SHA256 f6645d8b478ecbfb44b2bbc704f0c03bc255865a9c1f15c3b2bd130b4c70cce9 +MD5 06fa13c03cc0b5c6a161ad49d2dfca4e rpm-4.4.7-r1.ebuild 2794 +RMD160 25e8dbf913b1a13eb75696753982238358151535 rpm-4.4.7-r1.ebuild 2794 +SHA256 f6645d8b478ecbfb44b2bbc704f0c03bc255865a9c1f15c3b2bd130b4c70cce9 rpm-4.4.7-r1.ebuild 2794 +MISC ChangeLog 11218 RMD160 871e1da0ff827d3e8f4dfdd2291d0075544a4996 SHA1 fa17cfc1015428906a55aafbcafea97c6cdab9e0 SHA256 338c75f020288bd881b78d4fbac1c5120fd87d89ee1d5936018992f210750ed2 +MD5 1e93051c8fb2bf204b7c94bc28f0ce5f ChangeLog 11218 +RMD160 871e1da0ff827d3e8f4dfdd2291d0075544a4996 ChangeLog 11218 +SHA256 338c75f020288bd881b78d4fbac1c5120fd87d89ee1d5936018992f210750ed2 ChangeLog 11218 +MISC metadata.xml 221 RMD160 57859b0d6c681ad2aa7db0d58348892219149231 SHA1 37657578addb8fd633479dd88dc6f8011ac55080 SHA256 01f54e470bf605b606876efa6e6bfd634a2f964909f3920b0994fe2b21c3b731 +MD5 305207dd9314b4b02a0becf597cf875f metadata.xml 221 +RMD160 57859b0d6c681ad2aa7db0d58348892219149231 metadata.xml 221 +SHA256 01f54e470bf605b606876efa6e6bfd634a2f964909f3920b0994fe2b21c3b731 metadata.xml 221 +MD5 5ee2f2cd59d279b728247d54548a3529 files/digest-rpm-4.4.6-r3 235 +RMD160 cb1beebaaafaa9024dca4713846df4da6877e723 files/digest-rpm-4.4.6-r3 235 +SHA256 1a9d97d24a7c07cfd808a471e9fd22ced0813b41a109f6716b1d216fc828ecce files/digest-rpm-4.4.6-r3 235 +MD5 1bb4771bd008ae0ecf2541173a600056 files/digest-rpm-4.4.7-r1 235 +RMD160 5738523442bad1419926794367ffc30a16b59140 files/digest-rpm-4.4.7-r1 235 +SHA256 1bf6cb96963acf3da6ad4a4b2e8166f0b426c0e396cdfe4428b2386d1fcad697 files/digest-rpm-4.4.7-r1 235 +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v1.4.5 (GNU/Linux) + +iD8DBQFFT6PwwmS/YhfgUiURAjwFAJ0dYPWqJsUyU2jJxn0zOvKZWkSHnACgmGSr +m8h2Q2RZLi80TEbsWWTMFh0= +=RlPD +-----END PGP SIGNATURE----- diff --git a/app-arch/rpm/files/digest-rpm-4.4.6-r2 b/app-arch/rpm/files/digest-rpm-4.4.6-r2 deleted file mode 100644 index 8dae251f56e0..000000000000 --- a/app-arch/rpm/files/digest-rpm-4.4.6-r2 +++ /dev/null @@ -1,3 +0,0 @@ -MD5 baa6f371446c65b4080d1cd1f194a7ae rpm-4.4.6.tar.gz 17157249 -RMD160 6b433d20a63fb2542244ae62eff0a8b5fe290439 rpm-4.4.6.tar.gz 17157249 -SHA256 1e1da50af2b9dfe34c79315eae7520e7e57087671e17ce26107d779ae2b0b595 rpm-4.4.6.tar.gz 17157249 diff --git a/app-arch/rpm/files/digest-rpm-4.4.7 b/app-arch/rpm/files/digest-rpm-4.4.7 deleted file mode 100644 index 8ad784707d6f..000000000000 --- a/app-arch/rpm/files/digest-rpm-4.4.7 +++ /dev/null @@ -1,3 +0,0 @@ -MD5 d012c81b5169f7377ea4a36607e1445e rpm-4.4.7.tar.gz 14125623 -RMD160 9002eb0fe1d680d8bff447d6918f9726c9a4e34c rpm-4.4.7.tar.gz 14125623 -SHA256 18fde4195e4ac21a4290327336948f8c4fc58a680395edbb5f2f31bae67b18b5 rpm-4.4.7.tar.gz 14125623 diff --git a/app-arch/rpm/rpm-4.4.6-r2.ebuild b/app-arch/rpm/rpm-4.4.6-r2.ebuild deleted file mode 100644 index 980a5f2ddb10..000000000000 --- a/app-arch/rpm/rpm-4.4.6-r2.ebuild +++ /dev/null @@ -1,100 +0,0 @@ -# Copyright 1999-2006 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/app-arch/rpm/rpm-4.4.6-r2.ebuild,v 1.5 2006/11/06 20:58:28 sanchan Exp $ - -WANT_AUTOCONF="latest" -WANT_AUTOMAKE="latest" -inherit eutils autotools distutils perl-module - -DESCRIPTION="Red Hat Package Management Utils" -HOMEPAGE="http://www.rpm.org/" -SRC_URI="http://wraptastic.org/pub/rpm-4.4.x/${P}.tar.gz" - -LICENSE="GPL-2 LGPL-2" -SLOT="0" -KEYWORDS="alpha amd64 arm hppa ia64 mips ppc ppc64 s390 sh sparc x86" -IUSE="nls python perl doc sqlite" - -RDEPEND="=sys-libs/db-3.2* - >=sys-libs/zlib-1.1.3 - >=app-arch/bzip2-1.0.1 - >=dev-libs/popt-1.7 - >=app-crypt/gnupg-1.2 - dev-libs/elfutils - virtual/libintl - >=dev-libs/beecrypt-3.1.0-r1 - python? ( >=dev-lang/python-2.2 ) - perl? ( >=dev-lang/perl-5.8.8 ) - nls? ( virtual/libintl ) - sqlite? ( >=dev-db/sqlite-3.3.5 ) - net-misc/neon" -DEPEND="${RDEPEND} - nls? ( sys-devel/gettext ) - doc? ( app-doc/doxygen )" - -src_unpack() { - unpack ${A} - cd "${S}" - epatch "${FILESDIR}"/rpm-4.4.6-with-sqlite.patch - epatch "${FILESDIR}"/rpm-4.4.6-stupidness.patch - epatch "${FILESDIR}"/rpm-4.4.6-autotools.patch - epatch "${FILESDIR}"/rpm-4.4.6-buffer-overflow.patch - - # rpm uses AM_GNU_GETTEXT() but fails to actually - # include any of the required gettext files - cp /usr/share/gettext/config.rpath . || die - - # the following are additional libraries that might be packaged with - # the rpm sources. grep for "test -d" in configure.ac - cp file/src/{file,patchlevel}.h tools/ - rm -rf beecrypt elfutils neon popt sqlite zlib intl file - - sed -i -e "s:intl ::" Makefile.am - sed -i -e "s:intl/Makefile ::" configure.ac - AT_NO_RECURSIVE="yes" eautoreconf - # TODO Get rid of internal copies of lua, db and db3 -} - -src_compile() { - python_version - econf \ - --enable-posixmutexes \ - --without-javaglue \ - --without-selinux \ - $(use_with python python ${PYVER}) \ - $(use_with doc apidocs) \ - $(use_with perl) \ - $(use_with sqlite) \ - $(use_enable nls) \ - || die "econf failed" - emake || die "emake failed" -} - -src_install() { - emake DESTDIR="${D}" install || die "emake install failed" - - mv "${D}"/bin/rpm "${D}"/usr/bin - rmdir "${D}"/bin - - use nls || rm -rf "${D}"/usr/share/man/?? - - keepdir /usr/src/rpm/{SRPMS,SPECS,SOURCES,RPMS,BUILD} - - dodoc CHANGES CREDITS GROUPS README* RPM* - use doc && dohtml -r apidocs/html/* - - # Fix perllocal.pod file collision - use perl && fixlocalpod -} - -pkg_postinst() { - if [[ -f ${ROOT}/var/lib/rpm/Packages ]] ; then - einfo "RPM database found... Rebuilding database (may take a while)..." - "${ROOT}"/usr/bin/rpm --rebuilddb --root=${ROOT} - else - einfo "No RPM database found... Creating database..." - "${ROOT}"/usr/bin/rpm --initdb --root=${ROOT} - fi - - distutils_pkg_postinst -} diff --git a/app-arch/rpm/rpm-4.4.7.ebuild b/app-arch/rpm/rpm-4.4.7.ebuild deleted file mode 100644 index ae84c433c907..000000000000 --- a/app-arch/rpm/rpm-4.4.7.ebuild +++ /dev/null @@ -1,100 +0,0 @@ -# Copyright 1999-2006 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/app-arch/rpm/rpm-4.4.7.ebuild,v 1.5 2006/11/06 20:58:28 sanchan Exp $ - -WANT_AUTOCONF="latest" -WANT_AUTOMAKE="latest" -inherit eutils autotools distutils perl-module - -DESCRIPTION="Red Hat Package Management Utils" -HOMEPAGE="http://www.rpm.org/" -SRC_URI="http://wraptastic.org/pub/rpm-4.4.x/${P}.tar.gz" - -LICENSE="GPL-2 LGPL-2" -SLOT="0" -KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86" -IUSE="nls python perl doc sqlite" - -RDEPEND="=sys-libs/db-3.2* - >=sys-libs/zlib-1.2.3-r1 - >=app-arch/bzip2-1.0.1 - >=dev-libs/popt-1.7 - >=app-crypt/gnupg-1.2 - dev-libs/elfutils - virtual/libintl - >=dev-libs/beecrypt-3.1.0-r1 - python? ( >=dev-lang/python-2.2 ) - perl? ( >=dev-lang/perl-5.8.8 ) - nls? ( virtual/libintl ) - sqlite? ( >=dev-db/sqlite-3.3.5 ) - net-misc/neon" -DEPEND="${RDEPEND} - nls? ( sys-devel/gettext ) - doc? ( app-doc/doxygen )" - -src_unpack() { - unpack ${A} - cd "${S}" - epatch "${FILESDIR}"/rpm-4.4.6-with-sqlite.patch - epatch "${FILESDIR}"/rpm-4.4.7-stupidness.patch - epatch "${FILESDIR}"/rpm-4.4.6-autotools.patch - epatch "${FILESDIR}"/rpm-4.4.6-buffer-overflow.patch - - # rpm uses AM_GNU_GETTEXT() but fails to actually - # include any of the required gettext files - cp /usr/share/gettext/config.rpath . || die - - # the following are additional libraries that might be packaged with - # the rpm sources. grep for "test -d" in configure.ac - cp file/src/{file,patchlevel}.h tools/ - rm -rf beecrypt elfutils neon popt sqlite zlib intl file - - sed -i -e "s:intl ::" Makefile.am - sed -i -e "s:intl/Makefile ::" configure.ac - AT_NO_RECURSIVE="yes" eautoreconf - # TODO Get rid of internal copies of lua, db and db3 -} - -src_compile() { - python_version - econf \ - --enable-posixmutexes \ - --without-javaglue \ - --without-selinux \ - $(use_with python python ${PYVER}) \ - $(use_with doc apidocs) \ - $(use_with perl) \ - $(use_with sqlite) \ - $(use_enable nls) \ - || die "econf failed" - emake -j1 || die "emake failed" -} - -src_install() { - emake DESTDIR="${D}" install || die "emake install failed" - - mv "${D}"/bin/rpm "${D}"/usr/bin - rmdir "${D}"/bin - - use nls || rm -rf "${D}"/usr/share/man/?? - - keepdir /usr/src/rpm/{SRPMS,SPECS,SOURCES,RPMS,BUILD} - - dodoc CHANGES CREDITS GROUPS README* RPM* - use doc && dohtml -r apidocs/html/* - - # Fix perllocal.pod file collision - use perl && fixlocalpod -} - -pkg_postinst() { - if [[ -f ${ROOT}/var/lib/rpm/Packages ]] ; then - einfo "RPM database found... Rebuilding database (may take a while)..." - "${ROOT}"/usr/bin/rpm --rebuilddb --root=${ROOT} - else - einfo "No RPM database found... Creating database..." - "${ROOT}"/usr/bin/rpm --initdb --root=${ROOT} - fi - - distutils_pkg_postinst -} -- cgit v1.2.3-65-gdbad